| Article No° | Product Name | Affected Version(s) |
|---|---|---|
| Smart PLC AC4xxS Firmware | V4.04 < V4.3.17 | |
| Smart PLC AC4xxS Firmware | V6.1.8 |
A vulnerability has been disclosed in PLC ifm AC4xxS that allows an attacker to trigger the safety state with the help of a specially crafted html request. This leads to a loss of availability.
The endpoint hosts a script that allows an unauthorized remote attacker to put the system in a fail-safe state over the network due to missing authentication.
An unauthorized attacker can exploit this vulnerability to issue malicious commands to the PLC, potentially disrupting or damaging the production line.
Mitigation
When using automation components, make sure that no unauthorized access can take place. In addition, measures should be taken to ensure that the components do not have direct access to Internet resources and that they cannot be accessed from insecure networks. Use available security measures such as authentication and authorization groups.
PLC with firmware V6.1.8 http interface can be disabled.
CERT@VDE coordinated with ifm electronic GmbH
Reported by Dmytro Kryhin of National Technical University of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”